Cryptology ePrint Archive: Report 2014/344

Abstract: With sensitive data being increasingly stored on mobile devices and
laptops, hard disk encryption is more important than ever. In
particular, being able to plausibly deny that a hard disk contains
certain information is a very useful and interesting research
goal. However, it has been known for some time that existing
``hidden volume'' solutions, like TrueCrypt, fail in the face of an
adversary who is able to observe the contents of a disk on multiple,
separate occasions. In this work, we explore more robust
constructions for hidden volumes and present HIVE, which is
resistant to more powerful adversaries with multiple-snapshot
capabilities. In pursuit of this, we propose the first security
definitions for hidden volumes, and prove HIVE secure under these
definitions. At the core of HIVE, we design a new write-only
Oblivious RAM. We show that, when only hiding writes, it is
possible to achieve ORAM with optimal O(1) communication complexity
and only poly-logarithmic user memory. This is a significant
improvement over existing work and an independently interesting
result. We go on to show that our write-only ORAM is specially
equipped to provide hidden volume functionality with low overhead
and significantly increased security. Finally, we implement HIVE as
a Linux kernel block device to show both its practicality and
usefulness on existing platforms.